Vulnerabilities > Parity > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-06-14 CVE-2023-34449 Incorrect Check of Function Return Value vulnerability in Parity Ink!
ink! is an embedded domain specific language to write smart contracts in Rust for blockchains built on the Substrate framework.
network
low complexity
parity CWE-253
5.3
2022-09-24 CVE-2022-39242 Incorrect Calculation vulnerability in Parity Frontier 20210903/20211013
Frontier is an Ethereum compatibility layer for Substrate.
network
low complexity
parity CWE-682
5.3
2022-08-19 CVE-2022-36008 Integer Overflow or Wraparound vulnerability in Parity Frontier
Frontier is Substrate's Ethereum compatibility layer.
network
low complexity
parity CWE-190
6.5
2022-07-06 CVE-2022-31111 Always-Incorrect Control Flow Implementation vulnerability in Parity Frontier
Frontier is Substrate's Ethereum compatibility layer.
network
low complexity
parity CWE-670
5.3
2022-01-14 CVE-2022-21685 Integer Underflow (Wrap or Wraparound) vulnerability in Parity Frontier 20210903/20211013
Frontier is Substrate's Ethereum compatibility layer.
network
low complexity
parity CWE-191
6.5
2021-10-13 CVE-2021-41138 Improper Input Validation vulnerability in Parity Frontier
Frontier is Substrate's Ethereum compatibility layer.
network
low complexity
parity CWE-20
5.3
2021-09-03 CVE-2021-39193 Improper Validation of Specified Quantity in Input vulnerability in Parity Frontier
Frontier is Substrate's Ethereum compatibility layer.
network
low complexity
parity CWE-1284
5.3
2020-01-23 CVE-2019-20399 Information Exposure Through Discrepancy vulnerability in Parity Libsecp256K1
A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack.
network
high complexity
parity CWE-203
5.9
2018-01-11 CVE-2017-18016 Origin Validation Error vulnerability in Parity Browser 1.6.10
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine (reusing the current website's token, which is not bound to an origin).
network
low complexity
parity CWE-346
5.3